GoPhish by default tips your hand to defenders and security solutions. T

Overview

sneaky_gophish

Hiding GoPhish from the boys in blue! See my blog article linked below for details on all the changes made during compilation of GoPhish before using!

Why?

GoPhish by default tips your hand to defenders and security solutions. The container here strips those indicators and makes other changes to hopefully evade detection during operations.

How?

Getting the container up and running is very simple.

Run the following one-liner to clone the repository and build the container:

git clone https://github.com/puzzlepeaches/sneaky_gophish && \
  cd sneaky_gophish && \
  docker build -t sneaky_gophish .

To actually run the container headlessly, run the following command:

docker run -itd --name sneaky_gophish -p 3333:3333 -p 8080:8080 sneaky_gophish

Thank god that GoPhish doesn't use a universal default password anymore. To get the admin credentials for the image after running it, issue the following command:

docker logs sneaky_gophish | grep password

You should now be able to navigate to the GoPhish administrator interface at the URL listed below if you are running this on your workstation:

Caveats

  • This container exposes port 8080 for the phishing page sent to users. This means we aren't using SSL out of the box. We reccomend using a reverse proxy and robust redirect rules to protect your GoPhish instance and thwart defenders.
  • The changes to this repository aren't the end all for detection capabilities. There is more here that should be done before using it in a real world engagement.
You might also like...
QR secrets is a cryptographically secure mechanism to store secret data with the highest levels of security and store it on physical paper.
QR secrets is a cryptographically secure mechanism to store secret data with the highest levels of security and store it on physical paper.

QR Secrets QR secrets is a cryptographically secure mechanism to store secret data with the highest levels of security. Incorporating; AES256-GCM-HKDF

HTTP middleware for Go that facilitates some quick security wins.

Secure Secure is an HTTP middleware for Go that facilitates some quick security wins. It's a standard net/http Handler, and can be used with many fram

Gryffin is a large scale web security scanning platform.

Gryffin (beta) Gryffin is a large scale web security scanning platform. It is not yet another scanner. It was written to solve two specific problems w

PHP security vulnerabilities checker

Local PHP Security Checker The Local PHP Security Checker is a command line tool that checks if your PHP application depends on PHP packages with know

Sqreen's Application Security Management for the Go language
Sqreen's Application Security Management for the Go language

Sqreen's Application Security Management for Go After performance monitoring (APM), error and log monitoring it’s time to add a security component int

How to systematically secure anything: a repository about security engineering
How to systematically secure anything: a repository about security engineering

How to Secure Anything Security engineering is the discipline of building secure systems. Its lessons are not just applicable to computer security. In

Convenience of containers, security of virtual machines

Convenience of containers, security of virtual machines With firebuild, you can build and deploy secure VMs directly from Dockerfiles and Docker image

MQTT安全测试工具 (MQTT Security Tools)
MQTT安全测试工具 (MQTT Security Tools)

███╗ ███╗ ██████╗ ████████╗████████╗███████╗ ████╗ ████║██╔═══██╗╚══██╔══╝╚══██╔══╝██╔════╝ ██╔████╔██║██║ ██║ ██║ ██║ ███████╗ ██║╚██╔╝█

 gosec - Golang Security Checker
gosec - Golang Security Checker

Inspects source code for security problems by scanning the Go AST.

Comments
  • Error: error creating build container: short-name

    Error: error creating build container: short-name "golang:1.15.2"

    [2/3] STEP 1/14: FROM golang:1.15.2 AS build-golang [3/3] STEP 1/16: FROM debian:stable Resolved "debian" as an alias (/etc/containers/registries.conf.d/shortnames.conf) Trying to pull docker.io/library/debian:stable... Error: error creating build container: short-name "golang:1.15.2" did not resolve to an alias and no unqualified-search registries are defined in "/etc/containers/registries.conf"

    opened by mother2110 0
Owner
null
BluePhish: Open-Source Phishing Toolkit (Direct Fork of GoPhish)

BluePhish BluePhish: Open-Source Phishing Toolkit (Direct Fork of GoPhish) Gophish is an open-source phishing toolkit designed for businesses and pene

BlueStone AG 4 Jun 1, 2022
Web-Security-Academy - Web Security Academy, developed in GO

Web-Security-Academy - Web Security Academy, developed in GO

Xavier Llauca 1 Feb 23, 2022
firedrill is a malware simulation harness for evaluating your security controls

firedrill ?? Malware simulation harness. Build native binaries for Windows, Linux and Mac simulating malicious behaviours. Test the effectiveness of y

FourCore Labs 79 Sep 26, 2022
A Go language implementation of the proposed ads.cert protocols for integration in programmatic ads solutions.

go-adscert A Go language implementation of the proposed ads.cert protocols for integration in programmatic ads solutions. This repository is a work-in

Curtis Light 3 Jun 4, 2021
Cossack Labs 1.1k Sep 19, 2022
set of web security test cases and a toolkit to construct new ones

Webseclab Webseclab contains a sample set of web security test cases and a toolkit to construct new ones. It can be used for testing security scanners

Yahoo 916 Sep 9, 2022
Tracee: Linux Runtime Security and Forensics using eBPF

Tracee is a Runtime Security and forensics tool for Linux. It is using Linux eBPF technology to trace your system and applications at runtime, and analyze collected events to detect suspicious behavioral patterns.

Aqua Security 2.2k Sep 27, 2022
A scalable overlay networking tool with a focus on performance, simplicity and security

What is Nebula? Nebula is a scalable overlay networking tool with a focus on performance, simplicity and security. It lets you seamlessly connect comp

Slack 10.5k Sep 24, 2022
Go binary that finds .EXEs and .DLLs on the system that don't have security controls enabled

Go Hunt Weak PEs Go binary that finds .EXEs and .DLLs on the system that don't have security controls enabled (ASLR, DEP, CFG etc). Usage $ ./go-hunt-

m0rv4i 13 Oct 28, 2021
Analyse binaries for missing security features, information disclosure and more.

extrude Analyse binaries for missing security features, information disclosure and more. ?? Extrude is in the early stages of development, and current

Liam Galvin 45 Sep 22, 2022